DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.10.2 Run by uzivatel at 17:58:08 on 2013-02-24 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2046.641 [GMT 1:00] . AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\SLsvc.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Guard-ICQ\GuardICQ.exe C:\Program Files\Application Updater\ApplicationUpdater.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\SweetIM\Messenger\SweetIM.exe C:\Program Files\Guard-ICQ\GuardICQ.exe C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe C:\Program Files\ICQ6Toolbar\ICQ Service.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\PnkBstrA.exe C:\Program Files\Ask.com\Updater\Updater.exe C:\Windows\system32\PnkBstrB.exe C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Skype\Phone\Skype.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\OpenOffice.org 2.0\program\soffice.exe C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.119\deploy\LoLLauncher.exe C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.241\deploy\LolClient.exe C:\Windows\system32\taskeng.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\Pando Networks\Media Booster\PMB.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\conime.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation . ============== Pseudo HJT Report =============== . uStart Page = hxxp://eu.ask.com/?l=dis&o=APN10374&gct=hp uDefault_Page_URL = hxxp://qip.ru uDefault_Search_URL = hxxp://search.qip.ru mStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={91ACBC95-EC3E-11E1-80E3-001A927C3D63} uSearchAssistant = hxxp://search.qip.ru/ie uURLSearchHooks: : - LocalServer32 - uURLSearchHooks: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - c:\program files\ytd toolbar\ie\6.9\ytdToolbarIE.dll uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\ask.com\GenericAskToolbar.dll uURLSearchHooks: ICQToolBar: {855F3B16-6D32-4fe6-8A56-BBB695989046} - c:\program files\icq6toolbar\ICQToolBar.dll uURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - c:\program files\utorrentcontrol2\prxtbuTor.dll mURLSearchHooks: ICQToolBar: {855F3B16-6D32-4fe6-8A56-BBB695989046} - c:\program files\icq6toolbar\ICQToolBar.dll mURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - c:\program files\utorrentcontrol2\prxtbuTor.dll mURLSearchHooks: : - LocalServer32 - BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - c:\program files\babylontoolbar\babylontoolbar\1.5.3.17\bh\BabylonToolbar.dll BHO: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - c:\program files\utorrentcontrol2\prxtbuTor.dll BHO: Funmoods Helper Object: {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - c:\program files\funmoods\1.5.23.22\bh\escort.dll BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL BHO: Help the General-Search Project: {CA4520F3-AE13-4FB1-A513-58E23991C86D} - c:\users\uzivatel\appdata\roaming\media finder\extensions\gencrawler_gc.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\7.1.391.0\BingExt.dll BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll BHO: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - c:\program files\ytd toolbar\ie\6.9\ytdToolbarIE.dll TB: uTorrentControl2 Toolbar: {687578B9-7132-4A7A-80E4-30EE31099E03} - c:\program files\utorrentcontrol2\prxtbuTor.dll TB: ICQToolBar: {855F3B16-6D32-4FE6-8A56-BBB695989046} - c:\program files\icq6toolbar\ICQToolBar.dll TB: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - c:\program files\utorrentcontrol2\prxtbuTor.dll TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll TB: Funmoods Toolbar: {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - c:\program files\funmoods\1.5.23.22\escorTlbr.dll TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - c:\program files\babylontoolbar\babylontoolbar\1.5.3.17\BabylonToolbarTlbr.dll TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - TB: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - c:\program files\ytd toolbar\ie\6.9\ytdToolbarIE.dll EB: ICQToolBar: {855F3B16-6D32-4FE6-8A56-BBB695989046} - c:\program files\icq6toolbar\ICQToolBar.dll uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [Google Update] "c:\users\uzivatel\appdata\local\google\update\GoogleUpdate.exe" /c uRun: [AlcoholAutomount] "c:\program files\alcohol soft\alcohol 120\AxAutoMntSrv.exe" -automount uRun: [Media Finder] "c:\program files\media finder\Media Finder.exe" /opentotray uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [Guard.Mail.ru.gui] "c:\program files\guard-icq\GuardICQ.exe" /gui mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui mRun: [SweetIM] c:\program files\sweetim\messenger\SweetIM.exe mRun: [Sweetpacks Communicator] c:\program files\sweetim\communicator\SweetPacksUpdateManager.exe mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe" mRun: [SearchSettings] "c:\program files\common files\spigot\search settings\SearchSettings.exe" StartupFolder: c:\users\uzivatel\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 2.0\program\quickstart.exe mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: Download with &Media Finder - c:\program files\media finder\hook.html IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000 IE: Od&eslat do aplikace OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe IE: {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files\icq7.7\ICQ.exe IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: NameServer = 192.168.1.1 192.168.45.1 TCP: Interfaces\{67EA8654-558B-42FD-B911-1850130D772A} : DHCPNameServer = 192.168.1.1 192.168.45.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg . ================= FIREFOX =================== . FF - ProfilePath - c:\users\uzivatel\appdata\roaming\mozilla\firefox\profiles\ovv1ht79.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.search.selectedEngine - Ask.com FF - prefs.js: browser.startup.homepage - hxxp://eu.ask.com/?l=dis&o=APN10374&gct=hp FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=100000027&locale=en_EU&apn_uid=34D47C63-3F99-4D83-8B04-A1613A6247F9&apn_ptnrs=^U3&apn_sauid=C1444401-3AA2-40EB-98AF-3825043AB63F&apn_dtid=^YYYYYY^YY^CZ&&q= FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll FF - plugin: c:\users\uzivatel\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: c:\windows\system32\npDeployJava1.dll FF - plugin: c:\windows\system32\Npindeo.dll FF - plugin: c:\windows\system32\npmproxy.dll FF - ExtSQL: 2013-01-11 16:48; toolbar@ask.com; c:\users\uzivatel\appdata\roaming\mozilla\firefox\profiles\ovv1ht79.default\extensions\toolbar@ask.com . ---- FIREFOX POLICIES ---- pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0); pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0); FF - user.js: extensions.funmoods.hmpg - true FF - user.js: extensions.funmoods.hmpgUrl - hxxp://start.funmoods.com/?f=1&a=iron2&chnl=iron2&cd=2XzutAtN2Y1L1QzutDtDtC0AzytByB0CtA0DyCtAyCyCzzzztN0D0TzutBtDtCtBtDyCtDzy&cr=687135589 FF - user.js: extensions.funmoods.dfltSrch - true FF - user.js: extensions.funmoods.srchPrvdr - Search FF - user.js: extensions.funmoods.dnsErr - true FF - user.js: extensions.funmoods_i.newTab - true FF - user.js: extensions.funmoods.newTabUrl - hxxp://start.funmoods.com/?f=2&a=iron2&chnl=iron2&cd=2XzutAtN2Y1L1QzutDtDtC0AzytByB0CtA0DyCtAyCyCzzzztN0D0TzutBtDtCtBtDyCtDzy&cr=687135589 FF - user.js: extensions.funmoods.tlbrSrchUrl - FF - user.js: extensions.funmoods.id - 48d96688000000000000001a927c3d63 FF - user.js: extensions.funmoods.instlDay - 15500 FF - user.js: extensions.funmoods.vrsn - 1.5.23.22 FF - user.js: extensions.funmoods.vrsni - 1.5.23.22 FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2223:0:3 FF - user.js: extensions.funmoods.prtnrId - funmoods FF - user.js: extensions.funmoods.prdct - funmoods FF - user.js: extensions.funmoods.aflt - iron2 FF - user.js: extensions.funmoods_i.smplGrp - none FF - user.js: extensions.funmoods.tlbrId - base FF - user.js: extensions.funmoods.instlRef - iron2 FF - user.js: extensions.funmoods.dfltLng - FF - user.js: extensions.funmoods.excTlbr - false FF - user.js: extensions.funmoods.autoRvrt - false FF - user.js: extensions.funmoods.envrmnt - production FF - user.js: extensions.funmoods.isdcmntcmplt - true FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0 FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111881 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.id - 48d96688000000000000001a927c3d63 FF - user.js: extensions.BabylonToolbar_i.hardId - 48d96688000000000000001a927c3d63 FF - user.js: extensions.BabylonToolbar_i.instlDay - 15536 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1720:27:35 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar_i.tlbrId - base FF - user.js: extensions.BabylonToolbar_i.instlRef - sst . ============= SERVICES / DRIVERS =============== . R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2012-4-5 24408] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-4-5 612184] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-4-5 337880] R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2013-2-8 805240] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-4-5 20696] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-4-5 57688] R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-4-5 44768] R2 FontCache;Mezipamì písem Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2012-2-17 21504] R2 Guard.Mail.ru;Guard.Mail.ru;c:\program files\guard-icq\GuardICQ.exe [2012-2-21 1564368] R2 ICQ Service;ICQ Service;c:\program files\icq6toolbar\ICQ Service.exe [2012-2-21 247872] R2 StarWindServiceAE;StarWind AE Service;c:\program files\alcohol soft\alcohol 120\starwind\StarWindServiceAE.exe [2009-12-23 370688] R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.1.391.0\SeaPort.EXE [2012-6-11 240208] S2 avast! Firewall;avast! Firewall;c:\program files\avast software\avast\afwServ.exe [2012-4-5 134920] S2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.1.391.0\BBSvc.EXE [2012-6-11 193616] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-6-7 160944] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== File Associations =============== . FileExt: .scr: AutoCADScriptFile=c:\windows\system32\notepad.exe "%1" . =============== Created Last 30 ================ . 2013-02-24 16:45:38 -------- d-----w- c:\program files\trend micro 2013-02-23 15:03:54 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{073230b3-74a4-459d-bf88-8e7496209e74}\offreg.dll 2013-02-22 07:29:15 6954968 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{073230b3-74a4-459d-bf88-8e7496209e74}\mpengine.dll 2013-02-18 18:39:01 -------- d-----w- c:\users\uzivatel\appdata\roaming\Funmoods 2013-02-17 11:28:00 6161832 ----a-w- c:\windows\system32\nvopencl.dll 2013-02-17 11:28:00 19914680 ----a-w- c:\windows\system32\nvoglv32.dll 2013-02-17 11:28:00 10919864 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2013-02-17 11:27:58 7753688 ----a-w- c:\windows\system32\nvcuda.dll 2013-02-17 11:27:58 2575800 ----a-w- c:\windows\system32\nvcuvid.dll 2013-02-17 11:27:58 1867704 ----a-w- c:\windows\system32\nvcuvenc.dll 2013-02-17 11:27:57 17560504 ----a-w- c:\windows\system32\nvcompiler.dll 2013-02-15 22:31:23 186432 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll 2013-02-15 21:07:36 -------- d-----w- c:\program files\FlatOut2 2013-02-14 06:50:58 2048512 ----a-w- c:\windows\system32\win32k.sys 2013-02-14 06:50:56 1314816 ----a-w- c:\windows\system32\quartz.dll 2013-02-14 06:50:54 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-02-14 06:50:50 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-02-14 06:50:50 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-02-13 19:06:58 -------- d-----w- c:\program files\YTD Toolbar 2013-02-13 19:06:58 -------- d-----w- c:\program files\Application Updater 2013-02-02 16:59:51 -------- d-----w- c:\program files\Microsoft 2013-02-02 16:59:12 -------- d--h--w- c:\windows\msdownld.tmp 2013-02-02 16:59:06 -------- d-----w- c:\windows\system32\directx 2013-01-29 17:37:03 -------- d-----w- c:\program files\common files\Spigot . ==================== Find3M ==================== . 2013-02-23 21:05:22 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-02-23 21:05:22 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-01-17 00:28:58 232336 ------w- c:\windows\system32\MpSigStub.exe 2013-01-11 15:35:34 93640 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2013-01-11 15:35:20 859072 ----a-w- c:\windows\system32\npDeployJava1.dll 2013-01-11 15:35:20 779704 ----a-w- c:\windows\system32\deployJava1.dll 2013-01-08 22:11:21 1800704 ----a-w- c:\windows\system32\jscript9.dll 2013-01-08 22:03:20 1129472 ----a-w- c:\windows\system32\wininet.dll 2013-01-08 22:03:12 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2013-01-08 21:59:02 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2013-01-08 21:58:29 420864 ----a-w- c:\windows\system32\vbscript.dll 2013-01-08 21:56:23 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2013-01-03 11:42:57 888760 ----a-w- c:\windows\system32\nvdispgenco32.dll 2013-01-03 11:42:57 2443472 ----a-w- c:\windows\system32\nvapi.dll 2013-01-03 11:42:57 15411296 ----a-w- c:\windows\system32\nvd3dum.dll 2013-01-03 11:42:57 1010104 ----a-w- c:\windows\system32\nvdispco32.dll 2013-01-03 08:38:31 3969976 ----a-w- c:\windows\system32\nvcpl.dll 2013-01-03 08:38:31 2858424 ----a-w- c:\windows\system32\nvsvc.dll 2013-01-03 08:37:58 634808 ----a-w- c:\windows\system32\nvvsvc.exe 2013-01-03 08:37:58 62904 ----a-w- c:\windows\system32\nvshext.dll 2013-01-03 08:37:58 108984 ----a-w- c:\windows\system32\nvmctray.dll 2012-12-16 13:12:54 34304 ----a-w- c:\windows\system32\atmlib.dll 2012-12-16 10:50:29 293376 ----a-w- c:\windows\system32\atmfd.dll 2012-07-06 19:24:21 189 ----a-w- c:\program files\0SQ7B5G2.bat . ============= FINISH: 17:59:20,89 ===============